HN Reader

Shai-Hulud malware attack: Tinycolor and over 40 NPM packages compromised (stepsecurity.io)

646 points by jamesberthoty 9h ago 484 comments

How to make the Framework Desktop run even quieter (noctua.at)

80 points by lwhsiao 2h ago 11 comments

Things you can do with a Software Defined Radio (2024) (blinry.org)

447 points by mihau 6h ago 93 comments

Denmark close to wiping out cancer-causing HPV strains after vaccine roll-out (gavi.org)

186 points by slu 2h ago 85 comments

Waymo has received our pilot permit allowing for commercial operations at SFO (waymo.com)

440 points by ChrisArchitect 4h ago 363 comments

Meta RayBan AR Glasses Shows Lumus Waveguide Structures in Leaked Video (kguttag.com)

43 points by speckx 1h ago 16 comments

How Container Filesystem Works: Building a Docker-Like Container from Scratch (labs.iximiuz.com)

48 points by lgunsch 3d ago 6 comments

I built my own phone because innovation is sad rn [video] (youtube.com)

89 points by Timothee 1d ago 19 comments

Should We Drain the Everglades? (rabbitcavern.substack.com)

14 points by ksymph 1h ago 6 comments

Wind turbine blade transportation challenges (spectrum.ieee.org)

47 points by Brajeshwar 3d ago 44 comments

Plugin System (iina.io)

105 points by xnhbx 4h ago 27 comments

Scammed out of $130K via fake Google call, spoofed Google email and auth sync (bewildered.substack.com)

155 points by davidscoville 3h ago 288 comments

Bertrand Russell to Oswald Mosley (1962) (lettersofnote.com)

139 points by giraffe_lady 4h ago 66 comments

A new experimental Google app for Windows (blog.google)

83 points by meetpateltech 5h ago 133 comments

CIA Freedom of Information Act Electronic Reading Room (cia.gov)

129 points by bookofjoe 7h ago 26 comments

Launch HN: Rowboat (YC S24) – Open-source IDE for multi-agent systems (github.com)

35 points by segmenta 3h ago 19 comments

UTF-8 history (2003) (doc.cat-v.org)

72 points by mikecarlton 3d ago 25 comments

Top UN legal investigators conclude Israel is guilty of genocide in Gaza (middleeasteye.net)

275 points by Qem 12h ago 95 comments

The Linux Process Journey (2023) [pdf] (thelearningjourneyebooks.com)

28 points by maxmoehl 2h ago 1 comments

A Dumb Introduction to z3 using Rust (asibahi.github.io)

6 points by kfl 1d ago 0 comments

Writing an operating system kernel from scratch – RISC-V/OpenSBI/Zig (popovicu.com)

62 points by popovicu 2d ago 3 comments

Paper Folding Assembly Line [video] (youtube.com)

39 points by peteforde 9d ago 4 comments

When the job search becomes impossible (jeffwofford.com)

66 points by pertinhower 7h ago 84 comments

Adios Chicos, 25 Years of KDE (jriddell.org)

124 points by thangqt 2h ago 33 comments

Development of the MOS Technology 6502: A Historical Perspective (2022) (embeddedrelated.com)

45 points by jason_s 5h ago 8 comments

Implicit ODE solvers are not universally more robust than explicit ODE solvers (stochasticlifestyle.com)

78 points by cbolton 7h ago 26 comments

In Defense of C++ (dayvster.com)

7 points by todsacerdoti 1h ago 0 comments

60 years after Gemini, newly processed images reveal details (arstechnica.com)

234 points by sohkamyung 3d ago 68 comments

Generative AI as Seniority-Biased Technological Change (papers.ssrn.com)

190 points by zeuch 7h ago 164 comments

Microsoft Favors Anthropic over OpenAI for Visual Studio Code (theverge.com)

165 points by corvad 5h ago 81 comments

Java 25 officially released (mail.openjdk.org)

237 points by mkurz 7h ago 122 comments

Teen safety, freedom, and privacy (openai.com)

77 points by meetpateltech 7h ago 96 comments

Show HN: AI Code Detector – detect AI-generated code with 95% accuracy (code-detector.ai)

62 points by henryl 2h ago 51 comments

Scientists uncover extreme life inside the Arctic ice (news.stanford.edu)

74 points by hhs 3d ago 27 comments

Migrating to React Native's new architecture (shopify.engineering)

103 points by vidyesh 4d ago 63 comments

Will I run Boston 2026? (getfast.ai)

31 points by steadyelk 4h ago 37 comments

"Your" vs. "My" in user interfaces (adamsilver.io)

433 points by Twixes 17h ago 217 comments

Learn x86-64 assembly by writing a GUI from scratch (2023) (gaultier.github.io)

229 points by ibobev 4d ago 24 comments

Robert Redford has died (nytimes.com)

424 points by uptown 8h ago 131 comments

Hosting a website on a disposable vape (bogdanthegeek.github.io)

1339 points by BogdanTheGeek 1d ago 446 comments

Europe is locking itself in to US LNG (davekeating.substack.com)

122 points by hunglee2 6h ago 205 comments

Alex Karp Insists Palantir Doesn't Spy on Americans. Here's What He's Not Saying (theintercept.com)

20 points by leotravis10 2h ago 3 comments

AMD Begins Plumbing APCI C4 Support in the Linux Kernel for Power Savings (phoronix.com)

18 points by doener 3h ago 1 comments

A few corrections about the transition from Blue Systems to Techpaladin (pointieststick.com)

34 points by nomdep 1h ago 1 comments

Gearbox CEO Randy Pitchford tells Borderlands 4 critics: "code your own engine" (techspot.com)

7 points by speckx 1h ago 2 comments

Adding FRM parser utility to MariaDB (hp77-creator.github.io)

10 points by hp77 3d ago 0 comments

Trucker built a scale model of NYC over 21 years (gothamist.com)

104 points by speckx 7h ago 14 comments

Launch HN: Trigger.dev (YC W23) – Open-source platform to build reliable AI apps

151 points by eallam 1d ago 63 comments

When will Jaguar Land Rover restart production? "No one knows." (arstechnica.com)

27 points by duxup 5h ago 7 comments

Google Secretly Handed ICE Data About Pro-Palestine Student Activist (theintercept.com)

8 points by amarcheschi 41m ago 1 comments

Live updates: Shai-hulud, the most dangerous NPM breach in history

46 chha 3 9/16/2025, 6:26:32 PM koi.security ↗

Comments (3)

btown · 2h ago
Larger discussion thread here: https://news.ycombinator.com/item?id=45260741
293984j29384 · 1h ago
I scanned this discussion looking for a way to tell if you've been compromised but nothing jumped out.
bikeshaving · 1h ago
If you’re a package maintainer, please defensively revoke all NPM and GitHub tokens. This is a worm which is still spreading and you probably don’t want to publish anything today anyways, so you might as well use this incident as an opportunity to rotate everything.